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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

Responsive to communication(s) filed on 22 March 2002 . 
2a)D This action is FINAL. 2b)[g] This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) IEl Claim(s) 1-39 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) ' is/are allowed. 

6) 113 Claim(s) 1-39 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^3 The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 05 July 2001 is/are: a)KI accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 1 1 9 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or(f). 
a)Q All b)D Some *c)D None of: 

1 -D Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. 



3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-39 are pending in the application. 

2. Claims 1-39 have been rejected. 

Specification 

3. Applicant is reminded of the proper language and format for an abstract of the disclosure. 

The abstract should be in narrative form and generally limited to a single paragraph on a 
separate sheet within the range of 50 to 150 words. It is important that the abstract not exceed 
150 words in length since the space provided for the abstract on the computer tape used by the 
printer is limited. The form and legal phraseology often used in patent claims, such as "means" 
and "said," should be avoided. The abstract should describe the disclosure sufficiently to assist 
readers in deciding whether there is a need for consulting the full patent text for details. 

The language should be clear and concise and should not repeat information given in the 
title. It should avoid using phrases which can be implied, such as, "The disclosure concerns," 
"The disclosure defined by this invention," "The disclosure describes," etc. 

The abstract exceeds the 150-word limit. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1- 39 are rejected under 35 U.S.C. 103(a) as being unpatentable over Shwed et al 
U.S. Patent No. 5,835,726 in view of Van Gaasbeck et al U.S. Patent No. 6,687,762 Bl. 

As to claims 1, 3, 5, 13, 15, 17, 25, 27 and 33-36, Shwed et al discloses intercepting a 
portion of outgoing network data characteristic of the operating system [column 1, lines 51-58]. 
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Shwed et al does not teach masking the portion of outgoing network data to impersonate 
a different operating system in accordance with a security policy if the network is an untrusted 
network. Shwed et al does not teach replacing the portion of outgoing network data with data 
characteristic of the different operating system. 

Van Gaasbeck et al teaches impersonating a different operating system in accordance 
with a security policy if the network is an untrusted network [column 4 line 61 to column 5 line 
21]. Van Gaasbeck et al teaches replacing the portion of outgoing network data with data 
characteristic of the different operating system [column 4 line 61 to column 5 line 21]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Shwed et al so that the firewall would have 
missed the portion of outgoing network data to impersonate a different operating system in 
accordance with a security policy if the network is an untrusted network. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Shwed et al by the teaching of Van Gaasbeck et al because 
certain operating system more vulnerable to attacks. Therefore, if it were an untrusted network, 
you would not want an outsider to penetrate your operating system. 

As to claims 2, 14 and 26, the Shwed-Van Gaasbeck combination teaches discarding the 
portion of outgoing network data [Shwed et al column 6, lines 28-38]. 

As to claims 4 and 16, the Shwed-Van Gaasbeck combination teaches that the security 
policy identifies the portion of outgoing network data and specifies an action to take to mask the 
portion of outgoing network data [Shwed et al column 6, lines 39-54]. 
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As to claims 6, 18 and 39, the Shwed-Van Gaasbeck combination teaches that the 
security policy further defines the network as untrusted [Shwed et al column 9, lines 18-50]. 

As to claims 7, 19 and 29, the Shwed-Van Gaasbeck combination teaches receiving the 
security policy through the network [Shwed et al column 7, lines 33-65]. 

As to claims 8, 20 and 30, the Shwed-Van Gaasbeck combination teaches modifying the 
security policy based on user input [Shwed et al column 7, lines 33-65]. 

As to claims 9, 21 and 28, the Shwed-Van Gaasbeck combination teaches transmitting 
the portion of outgoing network data unchanged if the network is a trusted network [Shwed et al 
column 9, lines 18-50], 

As to claims 12, 24 and 32 5 the Shwed-Van Gaasbeck combination teaches that the 
method is integrated into a firewall that protects the computer [Shwed et al column 14, lines 19- 
39]. 

As to claims 10, 22, 31, 37 and 38, the Shwed-Van Gaasbeck combination teaches the 
method further comprising: 

intercepting a portion of incoming network data, as discussed above; and 
sending a false response to the portion of incoming network data to 
impersonate the different operating system in accordance with the security policy 
if the network is an untrusted network [Shwed et al column 10 line 53 to column 
11 line 13]. 

As to claims 1 1 and 23, the Shwed-Van Gaasbeck combination teaches that the security 
policy identifies the portion of incoming network data and the false response [Shwed et al 
column 7, lines 33-65]. 
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Conclusion 



5. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K Moorthy whose telephone number is 703-305-1373. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 



supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Aravind K Moorthy * 



September 24, 2004 




